Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/I_ecZzQjlzLYKRkSB4ohkDOECDo.roa
File: I_ecZzQjlzLYKRkSB4ohkDOECDo.roa (raw, json)
Hash identifier: vF5TZM7EZlESaji8n/ducnIrtcfjrMLRKeY7XV9gu68=
Subject key identifier: 23:F7:9C:67:34:23:97:32:D8:29:19:12:07:8A:21:90:33:84:08:3A
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B71063C62BEEAAD1E1D44453F020267C9
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/I_ecZzQjlzLYKRkSB4ohkDOECDo.roa
Signing time: Fri 27 Oct 2023 12:05:15 +0000
ROA not before: Fri 27 Oct 2023 12:05:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:7105:50bb/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:71:06:3c:62:be:ea:ad:1e:1d:44:45:3f:02:02:67:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 27 12:05:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23f79c6734239732d8291912078a21903384083a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:32:4f:ba:0d:76:23:48:93:d5:a1:3e:f7:06:
62:67:ea:5a:a6:0e:e9:dc:bd:88:8a:e3:ca:83:6e:
b4:ca:d2:b0:4f:17:bd:fa:59:97:4d:67:45:7e:4c:
98:6d:d2:0d:7e:f5:86:3b:78:ec:b7:bf:ca:50:62:
19:35:b8:4a:e2:41:64:f7:88:06:35:77:73:a5:49:
b6:63:06:59:76:11:13:bb:33:19:3a:2d:6b:ff:a7:
ac:9a:da:04:5d:e9:97:bc:80:59:77:73:38:a9:87:
8e:b7:dd:8d:41:7c:57:9c:2f:be:0c:f2:81:5b:83:
1d:f7:aa:3d:e8:67:74:ba:cb:a7:43:25:96:fe:27:
71:b4:37:74:77:83:c4:cb:18:ff:ff:ba:43:19:72:
96:85:63:a1:55:d3:17:2c:6b:94:7c:17:95:10:8d:
e3:62:d8:24:82:1f:28:b2:f4:81:3d:90:52:11:d6:
76:64:65:5e:94:a4:5a:32:80:f8:13:33:ac:08:4d:
7c:b5:ef:cc:d4:7e:d9:ad:24:ed:cb:50:6d:a4:3a:
c4:aa:85:f1:5f:b6:a6:77:b0:fd:26:6b:1e:a4:9d:
99:c7:05:76:ce:97:6b:1e:d7:dc:2b:55:2a:a5:ff:
d4:9d:03:7e:84:b2:30:45:4c:55:69:1d:cb:10:18:
bc:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:F7:9C:67:34:23:97:32:D8:29:19:12:07:8A:21:90:33:84:08:3A
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/I_ecZzQjlzLYKRkSB4ohkDOECDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2c:5b:87:42:81:52:ca:7b:7d:82:5d:fa:09:55:b5:92:55:39:
03:4e:28:fe:02:c7:d5:bd:ea:ca:64:a9:2d:6f:c7:b1:2c:b6:
e0:e6:7e:ec:58:d9:c3:2f:b5:67:dc:e4:26:db:08:c1:f3:8a:
8e:16:63:45:22:62:6e:da:7d:c1:5b:a7:99:13:7e:7e:95:fc:
b5:ce:7e:70:42:5d:63:43:7f:6c:8d:f4:77:f8:bc:26:be:46:
a6:e3:96:12:1c:5d:43:e5:fc:f5:ec:3d:a3:b3:84:90:21:2c:
6b:f9:03:e8:6a:b5:2e:0e:bd:6e:a4:4a:4f:c2:9d:5d:55:e5:
4d:df:64:84:a3:c1:4c:0e:4d:c0:6c:57:93:d2:d3:cb:41:e8:
73:b0:4c:32:bc:54:77:a9:44:ba:95:89:48:09:b9:fc:46:c1:
26:e4:fd:07:39:95:36:2c:c6:9f:d0:13:22:3a:7f:1f:db:4d:
bb:8f:bf:82:2b:60:4d:0d:a5:5e:e2:ca:0f:eb:ba:8c:b6:fc:
f9:35:8a:93:aa:c0:9b:6a:13:72:72:e8:f8:14:9d:74:36:e0:
56:28:72:5e:6d:12:ea:28:43:5a:50:7c:c6:d7:72:bb:a9:99:
38:30:79:88:dd:11:1e:46:c5:ef:0b:a8:19:97:3a:56:a6:a3:
ab:5d:9f:4c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtxBjxivuqtHh1ERT8CAmfJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI3MTIwNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2Y3OWM2NzM0MjM5NzMyZDgyOTE5MTIwNzhhMjE5MDMzODQwODNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjJPug12I0iT1aE+9wZiZ+papg7p
3L2IiuPKg260ytKwTxe9+lmXTWdFfkyYbdINfvWGO3jst7/KUGIZNbhK4kFk94gG
NXdzpUm2YwZZdhETuzMZOi1r/6esmtoEXemXvIBZd3M4qYeOt92NQXxXnC++DPKB
W4Md96o96Gd0usunQyWW/idxtDd0d4PEyxj//7pDGXKWhWOhVdMXLGuUfBeVEI3j
Ytgkgh8osvSBPZBSEdZ2ZGVelKRaMoD4EzOsCE18te/M1H7ZrSTty1BtpDrEqoXx
X7amd7D9JmsepJ2ZxwV2zpdrHtfcK1Uqpf/UnQN+hLIwRUxVaR3LEBi8PQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCP3nGc0I5cy2CkZEgeKIZAzhAg6MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSV9lY1p6UWpsekxZS1JrU0I0b2hrRE9FQ0RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACxbh0KBUsp7fYJd+glV
tZJVOQNOKP4Cx9W96spkqS1vx7EstuDmfuxY2cMvtWfc5CbbCMHzio4WY0UiYm7a
fcFbp5kTfn6V/LXOfnBCXWNDf2yN9Hf4vCa+RqbjlhIcXUPl/PXsPaOzhJAhLGv5
A+hqtS4OvW6kSk/CnV1V5U3fZISjwUwOTcBsV5PS08tB6HOwTDK8VHepRLqViUgJ
ufxGwSbk/Qc5lTYsxp/QEyI6fx/bTbuPv4IrYE0NpV7iyg/ruoy2/Pk1ipOqwJtq
E3Jy6PgUnXQ24FYocl5tEuooQ1pQfMbXcrupmTgweYjdER5Gxe8LqBmXOlamo6td
n0w=
-----END CERTIFICATE-----
Generated at Thu Jun 19 15:00:36 2025 by rpki-client